Stitchflow
Back to directory
Wave logo

Wave SCIM guide

Connector Only

How to automate Wave user provisioning, and what it actually costs

Summary and recommendation

Wave Accounting, the free accounting platform designed for small businesses, does not support SCIM provisioning or native SSO on any plan. While third-party password managers like OneLogin and Okta can provide password-based authentication through vaulting, this isn't true SAML federation. Wave's architecture is fundamentally built for manual user management by small business owners, not enterprise identity integration.

This creates significant challenges for organizations that have adopted Wave but need centralized user lifecycle management. Without SCIM support, IT teams must manually create, update, and deactivate user accounts in Wave, creating compliance gaps and administrative overhead. The lack of native SSO means users must maintain separate credentials, increasing security risks and password fatigue.

The strategic alternative

Stitchflow provides SCIM-level provisioning through resilient browser automation for Wave without requiring any enterprise features from Wave itself. Works with Wave's free and Pro plans. Flat pricing under $5K/year, regardless of team size.

Quick SCIM facts

SCIM available?No
SCIM tier requiredN/A
SSO required first?Yes
SSO available?Yes
SSO protocolNone (third-party only)
DocumentationNot available

Supported identity providers

IdPSSOSCIMNotes
OktaVia third-partyNo SCIM available
Microsoft Entra IDVia third-partyNo SCIM available
Google WorkspaceVia third-partyNo native support
OneLoginVia third-partyNo native support

The cost of not automating

Without SCIM (or an alternative like Stitchflow), your IT team manages Wave accounts manually. Here's what that costs:

Source: Stitchflow aggregate data across apps with 2+ instances, normalized to 500 employees
Orphaned accounts (ex-employees with access)7
Unused licenses12
IT hours spent on manual management/year101 hours
Unused license cost/year$3,925
IT labor cost/year$6,088
Cost of compliance misses/year$1,741
Total annual financial impact$11,754

The Wave pricing problem

Wave gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.

Tier comparison

PlanPriceSSOSCIM
Free$0/month
Pro$16-19/month

Provisioning capabilities

PlanPriceSSOSCIM
Free$0/month
Pro$16-19/month

Wave's approach to enterprise identity is fundamentally different from other SaaS applications. Instead of native SAML integration, they rely entirely on third-party password managers and vault-based SSO through providers like OneLogin and Okta.

What this means in practice

Password-based authentication only: Wave users must be created manually in the application, then managed through password vaulting in your IdP. This isn't true SSO—it's automated password entry.

No centralized user lifecycle: When employees join, change roles, or leave, Wave accounts must be managed separately from your identity provider. There's no automated provisioning, deprovisioning, or attribute updates.

Financial data access risks: Since Wave handles accounting and financial data, the inability to instantly revoke access during offboarding creates compliance and security gaps.

Additional constraints

Third-party dependency reliability
SSO functionality depends on password manager integrations, which can break or require manual updates
No group-based access
Every user requires individual account creation and management within Wave
Small business focus
Wave is designed for businesses under $100K revenue with fewer than 10 employees—enterprise features aren't on their roadmap
Limited audit trail
No centralized logging of user access or provisioning events through your IdP

Summary of challenges

  • Wave does not provide native SCIM at any price tier
  • Organizations must rely on third-party tools or manual provisioning
  • Our research shows teams manually provisioning this app spend significant hidden costs annually

What Wave actually offers for identity

Wave Accounting has no native enterprise identity features. As a free accounting tool designed for freelancers and small businesses under $100K revenue, Wave doesn't support SAML SSO or SCIM provisioning.

Third-party password management only

The only "SSO" option is password vaulting through identity providers:

ProviderIntegration TypeDetails
OktaPassword vaulting (SWA)Stores Wave credentials, no federation
OneLoginPassword vaultingBasic credential storage only
OthersNoneNo Azure AD, Google Workspace, or generic SAML

Translation: These aren't true SSO integrations. Your identity provider simply stores and auto-fills Wave login credentials—users still authenticate directly with Wave.

What's missing for enterprise use

Enterprise FeatureWave Support
SAML SSO❌ No
OIDC SSO❌ No
SCIM provisioning❌ No
Just-in-time provisioning❌ No
Group/role mapping❌ No
Team management❌ No

The reality: Wave is built for solo entrepreneurs and small teams who manually manage 2-3 user accounts. There's no upgrade path to enterprise identity features because Wave isn't designed for enterprise use cases.

What IT admins are saying

Wave's consumer-focused design creates challenges for IT teams trying to manage business accounts:

  • No enterprise identity integration - users must be managed manually in Wave
  • Password-based SSO through third parties feels like a workaround, not a solution
  • Limited to small business use cases with no collaboration or team features
  • Free tool mindset conflicts with enterprise security requirements

No enterprise features

Wave community feedback

Limited to small business use cases

Wave user review

Third-party SSO available via AuthDigital or password managers

Wave documentation

The recurring theme

Wave is built for freelancers and micro-businesses, not organizations with IT departments. Any attempt to use it in a managed environment requires manual workarounds and third-party tools.

The decision

Your SituationRecommendation
Freelancer or solo business ownerStick with Wave's free plan - manual management is fine
Small team (2-5 users) with simple needsManual management acceptable - Wave's target use case
Growing business moving to enterprise toolsMigrate to QuickBooks Online or Xero with proper SCIM
IT team managing multiple SMB accounting toolsUse Stitchflow: consolidate identity management across apps
Compliance requirements or audit needsUse enterprise accounting software with native SCIM

The bottom line

Wave is designed for small businesses and freelancers who don't need enterprise identity features - there's no SCIM, no native SSO, and no enterprise collaboration tools. If your organization has outgrown Wave's SMB focus and needs provisioning automation, Stitchflow can bridge the gap or help transition to enterprise-grade accounting platforms.

Automate Wave without third-party complexity

Stitchflow delivers SCIM-level provisioning through resilient browser automation, backed by 24/7 human in the loop for Wave at <$5K/year, flat, regardless of team size.

Works alongside or instead of native SCIM
Syncs with your existing IdP (Okta, Entra ID, Google Workspace)
Automates onboarding and offboarding
SOC 2 Type II certified
24/7 human-in-the-loop monitoring
Book a Demo

Technical specifications

SCIM Version

Not specified

Supported Operations

Not specified

Supported Attributes

No native SCIM or SSO supportThird-party SSO available via AuthDigital or password managersDesigned for small businesses, not enterpriseNo team/collaboration features

Plan requirement

Not specified

Prerequisites

Not specified

Key limitations

  • No native SCIM or SSO support
  • Third-party SSO available via AuthDigital or password managers
  • Designed for small businesses, not enterprise
  • No team/collaboration features

Documentation not available.

Unlock SCIM for
Wave

Wave doesn't offer SCIM. Get an enterprise-grade SCIM endpoint in your IdP, even without native support.

See how it works
Admin Console
Directory
Applications
Wave logo
Wave
via Stitchflow

Last updated: 2026-01-11

* Pricing and features sourced from public documentation.

Keep exploring

Related apps

Xero logo

Xero

No SCIM

Finance / Accounting

ProvisioningNot Supported
Manual Cost$11,754/yr

Xero, the major cloud accounting platform, provides no native SCIM provisioning support on any plan—despite over 10 years of customer requests for enterprise identity features. While Xero offers basic SAML SSO through third-party providers like miniOrange, this only handles authentication and leaves IT teams manually managing user accounts, permissions, and offboarding in a system that handles sensitive financial data. This creates a significant security and compliance gap for organizations using Xero. Accounting platforms require strict access controls due to the sensitive nature of financial information, yet IT admins must rely on manual processes to provision new accountants and bookkeepers, update roles when employees change responsibilities, and ensure proper deactivation when staff leave. Without automated provisioning, there's no audit trail for user lifecycle events and substantial risk of orphaned accounts retaining access to financial systems.

View full guide
6sense logo

6sense

No SCIM

B2B Revenue Intelligence / ABM

ProvisioningNot Supported
Manual Cost$11,754/yr

6sense, the B2B revenue intelligence platform, has paused SCIM provisioning for new customers until Q4 2026. While existing customers with SCIM enabled can continue using it, new implementations are limited to JIT (Just-In-Time) provisioning through SAML SSO. This creates a significant gap for IT teams managing revenue intelligence access, as JIT only creates users on first login and provides minimal attribute mapping (email, first name, last name only). For an enterprise platform with typical pricing of $55,000-$130,000 annually, the absence of automated user lifecycle management is a substantial limitation. The lack of SCIM until Q4 2026 forces IT teams into manual provisioning workflows for a platform handling sensitive revenue data. While SAML SSO handles authentication, it doesn't address user lifecycle events like role changes, department transfers, or offboarding. This creates compliance risks in revenue teams where access to prospect data and sales intelligence must be tightly controlled. The nearly two-year wait for SCIM restoration means organizations implementing 6sense today face manual user management for the foreseeable future.

View full guide
Aha! logo

Aha!

No SCIM

Product Management / Roadmapping

ProvisioningNot Supported
Manual Cost$11,754/yr

Aha! Roadmaps, the product roadmapping platform, does not support SCIM provisioning on any plan. While Aha! offers SAML 2.0 SSO integration with identity providers like Okta, Entra ID, and OneLogin, this only handles authentication through JIT (Just-In-Time) provisioning. The critical limitation: JIT provisioning creates user accounts with no default role or access permissions, requiring administrators to manually configure access for each user after they first sign in. For product teams managing strategic roadmaps and stakeholder access, this creates significant operational overhead. Since product roadmaps contain sensitive strategic information and stakeholder access typically varies by product area, IT administrators must manually assign appropriate roles and workspace permissions after each user is provisioned. There's no automatic deprovisioning when users leave the organization, creating potential security gaps. This manual process becomes particularly problematic for larger product organizations where dozens of stakeholders across different business units need carefully managed access to specific roadmaps.

View full guide